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Preface 



The material in this unit of study was, over several years, presented by the authors to lower 
division undergraduates in the Department of Mathematics and the Department of Computer 
Science and Engineering at the University of California, San Diego (UCSD). All material has 
been classroom tested by the authors and other faculty members at UCSD. 

The first course of a two quarter sequence was chosen from six units of study: Boolean Func- 
tions (Unit BF), Logic (Unit Lo), Number Theory and Cryptography (Unit NT), Sets 
and Functions (Unit SF), and Equivalence and Order (Unit EO), and Induction, Se- 
quences and Series (Unit IS). 

The second course of the sequence was chosen from four units of study: Counting and Listing 
(Unit CL), Functions (Unit Fn), Decision Trees and Recursion (Unit DT), and Basic 
Concepts in Graph Theory (Unit GT). 

The order of presentation of units within the first six, as well as those within the second four, 
can be varied for students with a good high school background in mathematics. 

Discrete mathematics has become an essential tool in computer science, economics, biology, 
mathematics, chemistry, and engineering. Each area introduces its own special terms for shared 
concepts in discrete mathematics. The only way to keep from reinventing the wheel from area 
to area is to know the precise mathematical ideas behind the concepts being applied by these 
various fields. Our course material is dedicated to this task. 

At the end of each unit is a section of multiple choice questions: Multiple Choice Questions 
for Review. These questions should be read before reading the corresponding unit, and they 
should be referred to frequently as the units are read. We encouraged our students to be able to 

work these multiple choice questions and variations on them with ease and understanding. At 
the end of each section of the units are exercises that are suitable for written homework, exams, 
or class discussion. 
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Unit NT 

Number Theory and Cryptography 



Section 1: Basic Facts About Numbers 

In this section, we shall take a look at some of the most basic properties of Z, the set of inte- 
gers. We look at properties related to parity (even, odd), prime factorization, irrationality 
of square roots, and modular arithmetic. 

First we recall some standard notation for sets of various basic types of numbers. 

• M denotes the real numbers, 

• Z denotes the integers, 

• Q denotes the rational numbers (ratios of integers), 

• N denotes the nonnegative integers (the "natural numbers" ) , 

• N"*" denotes the nonzero natural numbers (the positive integers), 

• N2 denotes the set of natural numbers greater than or equal to 2. 
Note that R — Q is the set of irrational numbers. 

Example 1 (Odd and even integers) A basic subdivision of Z is into the odd integers 
and the even integers. An element of Z is even if it is "of the form 2t," where t £ Z. An 
element of Z is odd if it is not even. The odd integers are all of the form 2t + 1, where 
i € Z. (This should be proved, but we will not do so.) The phrase "of the form 2t" can be 
written precisely as 

Vn G Z, (n is even) if and only if (3 1 G Z such that n = 2t). 

The most elementary mathematical facts about odd and even integers concern the closure 
properties} Here is the closure property for multiplication: 

The integers m and n are both odd if and only if mn is odd. 

(Equivalently, by negating both sides of "if and only if," at least one the integers m or n is 
even if and only if mn is even. ) To show the "only if" part, suppose that if m and n are 
both odd, say m = 2j + l and m = 2k + l. Then mn = 4jk + 2j + 2k + l = 2{2jk+j + k) + l 
is of the form 2t + 1 where t = 2jk + j + k. Thus, mn is odd. To show the "if" part, we 
use the inverse. Suppose that at least one of m or n is even. Without loss of generality, we 
may suppose that m is even, say m = 2j. Then mn = 2jn is of the form 2t where t = jn. 
Thus, mn is even. A similar statement for addition is that, for integers m and n, m + n is 
odd if and only if one of them is odd and the other is even. 

^ A function on S x S has the closure property on S if its image is contained in S. Here 
S is the odd integers and the function is multiplication. 
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From the closure property for multiplication of odd integers, you can prove by induction 
that for any k > 1, and any integer m, mJ' is odd if and only if m is odd. Logically equivalent 
is that is even if and only if m is even. The fact that is odd if m is odd can also be 
proved using the binomial theorem, which you should have seen in high school: 

Since m is odd, m = 2j + 1 for some integer j. Let x = 2j and y = 1. Written another way, 

= (2i + 1)'= = 1 + (2jr + (2jr (2) + ■ • • + (2jr Q ■ 

In this form is obviously 1 plus an even integer and hence odd. D 



Prime Numbers and Factorization 

Most mathematicians would agree that the most important concept in number theory is 
the notion of a prime. 

Definition 1 (Prime and composite numbers) A natural number n is prime if n > 2 
and the only divisors of n are n and 1 . We denote the set of prime numbers by P. An 
integer n > 2 that is not prime is composite. 

The number 2 is the smallest prime and the only even prime. The other primes less than 
20 are 3, 5, 7, 11, 13, 17, 19. 

Example 2 (Prime factorization of any integer n > 2) Consider the integer 226512. 
It ends in 2 so it is divisible by 2. (We say that "n is divisible by m," indicated by the 
notation m | n, if n = qm for some integer q.) In fact, 226512/2 = 113256. We can divide 
by 2 again, 113256/2 = 56628; and again, 56628/2 = 28314; and again, 38314/2 = 14157. 
That's it. We can't divide by 2 anymore, so we have 226512 = 2^ x 14157. But, it is easy 
to check that 14157 is divisible by 3 to get 4719 which is again divisible by 3 to get 1573. 
That's it for dividing by 3, so we have 226512 = 2^ x 3^ x 1573. Continuing in this manner, 
we end up with 226512 = 2"^ x 3^ x 11^ x 13. We have written 226512 as a product of 
primes. Also, the notation m / n means that n is not divisible by m. 

Can every integer greater than 1 be written as a product of primes? What about a 
single prime p7 It is convenient to adopt the terminology that a single prime p is a product 
of one prime, itself.^ 

^ We could go even further and say that 1 is also can be written as an empty product. 
In fact, mathematicians do this: They say that an empty sum is and an empty product 
is 1. You may think this strange, but you've already seen it with exponents: The notation 
stands for the product of n copies of a. Thus a" is the product of no copies of a, and 
you learned that we define a° = 1 when you studied exponents. This is done so that the 
rule a""^"^ = a^-a"^ will work when n = 0. 
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In Unit IS (Induction, Sequences and Series) we use induction to prove the assertion 
A{n) for every integer n > 2 where 

A{n) = "n is a product of primes." 

You might find it helpful to read the first two pages of Unit IS at this time. We start 
(base case) with n = 2, which is a prime and hence a product of primes. The induction 
hypothesis is the following: 

"Suppose that for some n > 2, the assertion A{k) is true for all k such that 2 < k < n." 

Assume the induction hypothesis and consider n. If n is a prime, then it is a product of 
primes (itself). Otherwise, n = st where 1 < s < n and 1 < t < n. By the induction 
hypothesis, s and t are each a product of primes. Hence n = si is a product of primes. 
Thus A{n) is true and the assertion is proved by induction. 

If n > 2 is an integer, the notation n = p\^p^ ■ ■ ■ plj^ is commonly used to designate 
its prime factorization, where pi,P2, ■ ■ ■ Pk ai'e distinct primes and all > 0. In other 
words, each prime factor is raised to its highest power that divides n. Thus, 226512 = 
2^ X 3^ X 1573^. Of course, exponents with value 1 are usually omitted, thus 1573^ would 
be written 1573. 

It is important to note (We won't give a proof.) that prime factorization is unique in 
the following sense. Suppose one student correctly computes a prime factorization of n and 
gets n = Pi^P2^ ■ ■ ■pi'' where she has ordered the prime factors so that Pi < P2 < • • • < Pk- 
Suppose that another student also correctly computes a prime factorization of n and gets 
n = 0.1^0.2 ■ ■ ■ Qj' with qi <q2<-- - < qj, then k = j, qi = Pi, and = /j, for i = 1, . . . , k. 
Let's call this a theorem: 

Theorem 1 (Unique prime factorization) Every integer n > 2 can be factored into a 
product of primes. This factorization is unique in the sense that any two such factorizations 
differ only in the order in which the primes are written. 

Sometimes people think it is "obvious" that prime factorization is unique. That's not 
true. There are sets other than the integers where prime factorization can be defined, but 
it may not be unique.'^ The assumption that it is unique was used in a "proof" of Fermat's 
Last Theorem about a century ago. Of course, the proof was false because factorization 
was not unique in the set being studied. Understanding the problem led to what is known 
as "algebraic number theory," which eventually led to a correct proof of Fermat's Last 
Theorem. Q 

^ When a, 6 G Z, complex numbers of the form a+b\^—5 are a type of "algebraic integer." 
The set of these "integers" is denoted by Z [-s/— 5] = { a + b^/^ | a,b ^ We have 

6 = 2x3 = (1 + (l - ^/^) . 

Since 2,3,1 + and 1 — ^/—5 cannot be factored further in Z [V— 5j , they are "primes." 
Hence prime factorization is not unique for Z [a/— 5] . The desire for uniqueness led to the 
concept of "ideals" in Z [-\/— 5] and the development of "algebraic number theory." 
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Now that we know that every integer n > 2 is a product of powers of primes, we can 
show 

Theorem 2 (Infinitely many primes) There are infinitely many primes. 
Proof: Suppose that there were only finitely many primes, say the k primes 

P = {Pl,P2, • • • ,Pk}- 

Consider the integer n = {piP2 • • •Pfe) + 1 gotten by taking the product of all of the primes 
in P and adding one. Clearly, n ^ P (it's too big). That means n is a product of primes. 
Let p be one of the prime factors of n. Hence n/p is an integer. For pi G P, dividing n by 
Pi leaves a remainder of 1 and so n/pi is not an integer. Since n/p is an integer and n/pi 
is not, we cannot have p = Pi- Hence p ^ P. Contradiction! Thus there cannot be finitely 
many primes. D 

Prime factorization can be used to prove things that apparently do not depend on 
primes. Our next example illustrates this. 

Example 3 (For all n G N, ^/n is either an integer or irrational) The integer 36 
is nice because \/36 = 6 and 6 is an integer. Thus 36 is called a perfect square. A perfect 
square is an integer whose square root is also an integer. Suppose y/n is not an integer. How 
"bad" is it? For example, maybe, though not an integer, -s/n is rational; that is, -s/n = a/b 
for some integers a and b. Sadly, that can't happen. We prove this by contradiction 

Suppose y/n = a/b where b > 2 and we have cancelled common factors from the 
numerator and denominator. Since -^n = a/b, we have n6^ = a^. Let p be a prime factor of 
b {p exists since 6 > 2). Since prime factorization is unique, is a prime factor of nb^ = o? . 
On the other hand, since f> is a prime factor of 6, it is not a prime factor of a since we have 

cancelled common factors to get a and b. So far, we have shown that p is a prime factor of 
0? but not a prime factor of a. In the next paragraph, we show that this is a contradiction. 

For any integer x, if the prime factorization of x is .x = Pi^p'2 • • 'P^k then the prime 
factorization of is = p\^^p^^ ■ ■ ■ pI^"" ■ In other words, any integer x has exactly the 
same prime divisors as its square, x^. Apply this with x = a. We have proved 

Theorem 3 (Irrational square roots) For all n G N, ^/n is either an integer or 
irrational. 

We can use this to get a lot of irrational numbers. Suppose that < n < {k + 1)^ for 
some A; G N. Taking square roots, we have k < ^/n < k + 1. Thus ^/n cannot be an integer 
and so it must hv irrat ional. In particular -\/3, \/5, \fl, \f% are all irrational.'* 

^ Some classical Greeks were bothered by this. They thought there should be a basic 
unit of length such that all the lines in a geometrical construction were integer multiples of 
that length, but they could prove that this was impossible: By the Pythagorean Theorem, 
the diagonal of a unit square has length \/2, which they knew was irrational. If the side of 
the square were b basic units long and the diagonal were a, then \/2 = a/b. 
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There are some basic properties of irrational and rational numbers lurking beneath 
the surface here. If the product xy of two numbers is irrational, one of the numbers must 
be irrational. Equivalently (the contrapositive) , if x and y are both rational, say x = a/b 
and y = c/d, then xy = ac/bd is rational. Likewise, if the sum x + y of two numbers is 
irrational, one of the numbers must be irrational (prove this) . 

Some students think these statements mean that the product of two nonzero irrational 
numbers is irrational and the sum of two irrational numbers is irrational, both statements 
are false: y/2 x \/2 = 2 and (— V^) + \/2 = 0. It is true, however, that if x ^ is rational 
and y is irrational, then the product xy is irrational. To prove this statement, use the 
contrapositive. If xy = a/b then y = a/bx. Since a; 7^ is rational, say x = c/d, this 
implies that y = ad/cb is rational. □ 

Example 4 (The rational numbers are countable) We want to show that we can 
create a list oi, 02, 03, . . . such that every rational number appears on the list. We do this 
as follows: 

Step 1. Start the list with 0, 1/1, -1/1 and set A; = 3. 

Step 2. Append to the list all rational numbers in reduced form where the sum of the 
numerator and denominator (ignoring signs) is k. Begin with the largest numerators 

and proceed to the smallest, listing positive numbers and then negative ones. (Thus, for 
fc = 3 we append 2/1, 1/2, -1/2, -2/1 and for fc = 4 we append 3/1, 1/3, -1/3, -3/1.) 

Step 3. Increase k by one and go to Step 2. 

The list begins 









= 0, 


a2 = 


1/1, 


0-3 = 


-1/1, 






k 


= 3 : 


04 


= 2/1, 


05 = 


1/2, 


ae = 


-1/2, 


a? 


= -2/1 


k 


= 4 : 


as 


= 3/1, 


09 = 


1/3, 


aw = 


-1/3, 


ail 


= -3/1 


k 


= 5 : 


ai2 


= 4/1, 


ai3 = 


3/2, 


Ol4 = 


2/3, 


ai5 


= 1/4, 






ai5 


= -1/4, 


016 = 


-2/3, 


air = 


-3/2, 


ai8 


-4/1, 



Note that each rational number occurs exactly once in the list. In some sense, the number 
of rational numbers is the same as the number of positive integers since we have one rational 
number for each positive integer (the subscript of a)\ 

Because we can form such a list, we say that the set of rational numbers is countable. 
More simply, people say that the rationals are countable. D 

Example 5 (The real numbers are not countable) We must show that it is impossible 
to form a list of the real numbers. How can we do this? We must show that, no matter 
what list of real numbers we have, there is some real number that is not on the list. 

Suppose we have a list 01,02, •• • of real numbers. Let dk be the kth digit after the 
decimal point in o^. For example, if 04 = 2.718281828 . . . (the number e), then ^4 = 2. If 
dk = 1, let bk = 2 and, if d^ ^ 1, let bk = 1. Look at the number r = 0.6162^3 • • •• We 
claim it is not in the list. Why is this? Suppose someone claims, for example that 099 = r. 
By definition, dgg is the ninety-ninth digit of Ogg after the decimal point. Since 699 7^ dgg, 
the numbers r and Ogg differ in their ninety-ninth digits. Thus r ^ Ogg. 
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Arguments of this type are called diagonal arguments. Why is this? A picture can 
help. Here * stands for a digit we are not interested in and we have dropped all the digits 
before the decimal points. 

ai =.di * * * * * . . . 

a2 =■* ^2 * * * * . . . 
03 =.* * (is * * * . . . 

0(4 =.* * * (^4 * * . . . 

as =.* * * * * . . . 

The digits di,d2, - ■ ■ that we are changing appear in a diagonal pattern. The diagonal is 
not always so straightforward in a diagonal argument. D 



Remainders and Modular Arithmetic 



We all know from elementary school that if we divide one integer x by another d > 0, we 
get a quotient q and a remainder r, where < r < d. In other words, x = qd + r, < r < d. 
For example, iix = 234 and d = 21, then g = 11 and r = 3. Thus, 234 = 11 x 21 + 3. There 
are 21 possible remainders that can be gotten by dividing some randomly chosen integer 
by 21. These remainders belong to the set {0, 1,2,..., 20}. The set Z of all integers can be 
partitioned (divided up) into 21 subsets 

21Z, 21Z + 1, 21Z + 2,...,21Z + 20 

according to these remainders. Note that, for a set S of numbers aS + b = {as + b \ s e 3} 
so that 21Z + 4 = {. . . , —17, 4, 25, . . .}. We have just seen that 234 belongs to the subset 
21Z + 3. (The set 21Z + 3 equals {S + 21k\k = 0, ±1, ±2, . . . }.) For general d > 0, instead 
of d = 21, we get 

dZ, dZ + 1, dZ + 2,...,dZ + {d-l) 

The sets dZ + j are called residue classes modulo d. 

If a; = qd+r, < r < d, then we denote this fact by x modulo d = r or by x mod d = r. 
In this usage, "mod" is called a binary operation. Given any pair of integers x and d > 0, 
computing x mod d always results in some integer r, < r < d. 

The word "mod" is also used to convey the information that "x and x' belong to the 
same residue class mod d." The notation is x = x' (mod d) or x ^ x' (mod d) to express 
the facts (respectively) that "x and x' belong to the same residue class mod d," or, "x and 
x' do not belong to the same residue class mod d." Often you will see = used instead of = 
in these expressions. 

Because of the possible confusion between these two uses, we will use the C program- 
ming language notation for the binary operation. Let's summarize all this in a definition. 

Definition 2 (Residue classes and "mod") Let d > 2 be an integer For < j < d 
the set dZ + j = {nd + j \ n E Z} is called a residue class modulo d. The notation "mod" 
is used in two ways: 
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• X = x' (mod d) This means that x and x' belong to the same reside class modulo 
d. In other words, when x and x' are divided by d they have the same remainder. We 
say that x and y are equal modulo d (or mod d). For reasons we will learn later, this is 
referred to as "using mod as an equivalence relation. " The notation x = x' (mod d) is 
also used to indicate that x and y are equal modulo d. If the value of d is clear, people 
often write x = x' , omitting (mod d). 

• X mod d = r or x%d = r This means that when x is divided by d the remainder 
is r where < r < d. Used this way, "mod" is a binary operator. To avoid confusion, 
we will use the C programming language notation r = x%d. 

Since the two uses of "mod" involve different placement of "mod," you should not be 
confused as to which use is intended. 



Example 6 (A fact about remainders) There is something important about remainders 
that they may not have discussed in elementary school. Suppose x = qd+r and x' = q'd+r' . 
Then, subtracting and dividing by d gives 

X — x' (q — q')d + (r — r') , r — r' 

d d ^ d ' 

Note that since < r < d and < r' < d we must have < \r—r'\ < d. This means that the 
only way that ^-^f- can be an integer is that |r — r'| = or r = r'. This seems like a trivial 
point, but it is very important. It means that x and x' have the same remainder when 
divided by d (i.e., belong to the same residue class mod d) if and only if d divides x — x'. For 
example 7666 and 7652 belong to the same residue class modulo 7 since 7666 — 7652 = 14, 
which is modulo 7. D 

The notation x = x' (mod d) behaves like equality in many ways. The following 
theorem lists three of them. 

Theorem 4 (Arithmetic with mod) The notation x = x' (mod d) behaves like 
equality for addition, subtraction and multiplication. In other words, if x = x' (mod d) 
and y = y' (mod d ) then 

x + y = x' + y' (mod d), x — y = x' — y' (mod d) and xy = x'y' (mod d) . 

We talk about addition modulo d or simply modular addition, and similarly for subtraction 
and multiplication. Notice that we did not say x/y = x' /y' mod d. It is not true in general. 
For example, 2 = 8 (mod 6) and 2 = 2 (mod 6) but 2/2 7^ 8/2 (mod 6). 

Proof: We prove addition. By definition x + y = x' + y' (mod d) means that (x + y) — 
(x' + y') is divisible by d. But 

(x + y) - (x' + y') _ {x - x') + {y — y') _ x - x' ^y - y' 
d d d d ' 
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Since X = x' (mod d) and y = y' (mod d), both x — x' and y — y' are divisible by d. Thus, 
{x + y) — {x' + y') is divisible by d. 

The proof for subtraction is nearly the same as for addition, so we omit it. 

We now prove multiplication. Again, we show that xy — x'y' is divisible by d: 

■J-y - .i:'y' ^ x{y - y') + y'j.i: - x') ^ ^ y - v' ^ , x - x' 
d d d d 

Since, x = x' (mod d) and y = y' (mod d), both x — x' and y — y' are divisible by d. Thus, 
xy — x'y' is divisible by d. □ 

Example 7 (Powers of + 1) Suppose x E dZ + 1. We could equally well write this 

as X mod d = 1 or x = 1 (mod d) or even just x = 1 provided we know we are doing 
arithmetic modulo d. We claim that .x" = 1 for all n E N. The proof is by induction on n. 

For n = 0, x° = 1 and so x^ = 1. For n = 1, x^ = x and so = 1 since we are 
given that x = 1. For n > 1, x" = (x"~^)x. By induction x"~^ = 1. By the theorem, 
x"~^x = 1x1 = 1. We are done. 

When d = 2, you should be able to see that this simply states that powers of odd 
numbers are odd, a fact we proved in Example 1. D 

Example 8 (Using modular arithmetic cleverly) There are smart ways and dumb 
ways to use Theorem 4. It is interesting to look first at a dumb way, just to see the 
power of these statements. Suppose you want to find the remainder when the number 
iV = 113 X (167 + 484) + 192 x 145 is divided by 21. That is, we wish to know (mod 21). 
A friend says he is going to help. He tells you that 113 = 95180 (mod 21), 167 = 5159244761 
(mod 21), 484 = 9073 (mod 21), 192 = 207441 (mod 21) and 145 = 19857871 (mod 21). 
He suggests you substitute those larger numbers for the original numbers in the expression 
A^ = 113 X (167 + 484) + 192 x 145 to get 

M = 95180 X (5159244761 + 9073) + 207441 x 19857871 . 

He assures you that, if you compute M and divide by 21 you will get the desired remainder 
r. He says he would like to borrow your car while you do the computations. After several 
hours work, you get M = 495177116538231. Dividing by 21 gives 15 as a remainder. Thus, 
r = 15, so N (mod 21) = 15. That is the right answer but it is a dumb way to do it! 

Another way is to just compute 

A" = 113 X (167 + 484) + 192 x 145 = 101403 

and divide that by 21 to get the remainder 15. That is not too dumb. 

Another way is to note that 113 = 8 (mod 21), 167 = 20 (mod 21), 484 = 1 (mod 21), 
192 = 3 (mod 21), 145 = 19 (mod 21). Substitute those for the corresponding numbers to 
get L = 8(20 + 1) + 3 * 19 = 225. Now divide 225 by 21 to get 15 as the remainder. 

A modification on the above is to note that 20 = —1 (mod 21) and 19 = —2 (mod 21) 
to get L' = 8(— 1 + 1) + 3(— 2) = —6. Dividing —6 by 21 gives a remainder of 15. Did you 
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learn that in elementary school? The remainder r must always be positive, < r < 21. 
Thus, writing —6 = g x 21 + r gives —6 = (—1) x 21 + 15. Do you see the power of these 
techniques? Don't be afraid to use them (wisely). Note that they apply to multiplying 
and adding, not dividing. For example, 484 = 1 (mod 21), 22 = 1 (mod 21), but 484/21 
(mod 21) 7^ 1/1 (mod 21). The number 484/21 is not even an integer. D 



The Floor and Ceiling Functions 

In computer science, many basic concepts are naturally expressed in terms of integer values 
(e.g., running time, input size, memory blocks) but are analyzed by functions that return 
real numbers. The conversion of the real numbers to integers that have direct meaning in 
terms of original problems sometimes involves the special functions "floor" and "ceiling." 

Let X G M be a real number. The floor function of x, denoted by [.xj , is the largest 
integer less than or equal to x. It is also called the greatest integer function. The ceiling 
function of x, denoted by [x], is the least integer greater than or equal to x. It is also 
called the least integer function. 

Here are some examples: 



Geometrically, the idea is simple. The floor of x moves you to the next integer less than or 
equal to x on the number line. The ceiling moves you to the next integer greater than or 
equal to x. For computation, notice that 



This is easily shown and we omit the proof. Note also that 

[xj = — [— x] and [x] = — [— xj . 

For example, [2.1J = -[-2.1]. 

For proofs and exercises, it is often helpful to know that any real number can be 
written as the sum of an integer n and a fraction /, —1 < / < +1. Thus, 4.9 = 4 + 0.9, 
—3.6 = —3 — 0.6 = —4 + 0.4. If x = n + /, then, since [xJ = n + [/J and \x~\ = n + [/]. 
you only have to think about the fractional part in your computations. For example. 



[2.8] = 3, 
L2.8J =2, 
[55 + 2.8] 



[5] = 5, 
L5J = 5, 
55 + [2.8] = 
-6 = -[-( 



[-2.8] = -2 
[-2.8] = -3 

55 + 3 = 58, 

■5.6)], 



L-5.6J 



V n G Z, V X G M, [n + xJ = n + [xj . 

V n G Z, V X G M, [n + x] = n + [x] . 



[4.9] = 4 + [0.9] =4 + = 4, 
[-3.6] = -4 + [0.4] = -4 + 1 = -3. 



If you prefer, [-3.6] = -3 + [-.6] = -3 + = -3. 
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Exercises for Section 1 

1.1. Prove the statement if true, otherwise find a counterexample. 

(a) For all natural numbers x and y, x + y is odd if one of x and y even and the 
other is odd. 

(b) For all natural numbers x and y, if x + y is odd then one of x and y even and 
the other is odd. 

1.2. Prove the statement if true, otherwise find a counterexample. 

(a) The difference of any two odd integers is odd. 

(b) If the sum of two integers is even, one of them must be even. 

1.3. Prove the statement if true, otherwise find a counterexample. 

(a) The product of two integers is even if and only if at least one of them is even. 

(b) The product of two integers is odd if and only if at least one of them is odd. 

1.4. Prove the statement if true, otherwise find a counterexample. 

(a) For any integers m and n, m'^ — rt' is even if and only if m — n is even. 

(b) For any integers m and n, — is odd if and only if m — n is odd. 

1.5. Prove the statement if true, otherwise find a counterexample. 

(a) For all integers n > 2, n"^ — 8 is composite. 

(b) For all integers n, (—1)" = —1 if and only if n is odd. 

1.6. Prove the statement if true, otherwise find a counterexample. 

(a) V n G Z, + n + 5 is odd. 

(b) V n G Z, (6(n^ + n + 1) — (5n^ — 3) is a perfect square). 

(c) 3 M > 0, V n > M, (n^ - n + 11 is prime). 

(d) There is a unique prime p of the form + 2n — 3. 

1.7. Prove the statement if true, otherwise find a counterexample. 

(a) For all integers n > 0, either n is a perfect square or, n = x + y where x and 
y are perfect squares ov,n = x + y + z where a;, y, and z perfect squares. 

(b) The product of four consecutive positive integers is never a perfect square. 

1.8. Prove the statement if true, otherwise find a counterexample. 
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(a) For all distinct positive integers m and n, either m^^^ + n^^^ and m^/^ — n^^^ 
are both rational or both irrational. 

Hint: Consider (m-*^/^ + n^/^) (m^/^ - n^/^). 

(b) For all distinct positive integers, if either m^^^+n^^^ or m^^'^—n^^^ are rational 
then both m and n are perfect squares. 

(c) For all distinct positive integers m and n, both m and n are perfect squares if 
and only if m + 2m^/^n^/^ + n is a perfect square. 

(d) Which of (a) , (b) and (c) are true if m 7^ n is changed to m = n? 

1.9. Prove that an integer n > 1 is composite if and only Hp divides n for some prime 
p < n^l'^ . 

1.10. Write the following rational numbers as the ratio ajh of two integers a and 6 > 0. 

(a) 3.1415 

(b) 0.30303030... 

(c) 6.32152152152152... 

1.11. Let X € M satisfy the equation = 1 where a, 6, c, and d are rational and a ^ c. 
Is X rational? Explain. 

1.12. In each case, if the statement is true, prove it, if false, give a counterexample. 

(a) The sum of three consecutive integers is zero (mod 3) . 

(b) The product of two even integers is zero (mod 4) . 

(c) An integer is divisible by 16 only if it is divisible by 8. 

(d) For all odd integers n, 3n + 3 is divisible by 6. 

1.13. In each case, if the statement is true, prove it, if false, give a counterexample. 

(a) V a, 6, c G Z, if a I 6 then a \ be. 

(b) V a, 6, c G Z, if a I 6 and h \ c, then a \ c 

(c) V a, 6, c G Z, if a I c then ab \ c. 

1.14. In each case, if the statement is true, prove it, if false, give a counterexample. 

(a) V a, 6, c G Z, if a I (6 + c) then a \ b and a \ c. 

(b) V a, 6, c G Z, if a I 6c then a | 6 or a | c. 

(c) Va,6GZ, ifa|6thena2 | fe^. 

(d) V a, 6 G Z, if a I 6 6 then a | 6 or a | 6. 

1.15. In each case, factor the given number into a product of powers of distinct primes. 
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(a) 1404. (b) 9702. (c) 89250. 

1.16. Let n = ■ ■ ■ p^*" be the factorization of n into powers of distinct primes. Let 

m > 1 be an integer. 

(a) What is the factorization of n™ into powers of distinct primes? 

(b) If s > is an integer but s^^"* is not, must s^^"* be irrational? Explain your 
answer. 

1.17. In each case, factor the given number into a product of powers of distinct primes. 
Recall that n\ = n{n — l)(n — 2) • ■ • 1 is the product of the first n integers. 

(a) 20!. How many terminal zeros in this number? 

(b) (20!)^. How many terminal zeros in this number? 

(c) (20!)^. How many terminal zeros in this number? 

1.18. Prove that if x is a nonzero natural number then 3 | x if and only if 3 divides the 
sum of the decimal digits of x. 

1.19. Prove or give a counterexample: The product of any four consecutive integers is 
equal to (mod 8) . 

1.20. Prove that, for all integers n > I, — 3 ^ (mod 4). 

1.21. Prove that, for all odd integers n, = 1 (mod 16). 

1.22. If m — n has remainder when divided by d does that mean the m and n each 
have the same remainder when divided by d? Support your answer by giving a 
counterexample or a proof. 

1.23. For all integers m,n,a,b, if m mod d = a and n mod d = b does that mean that 
(m + n) mod d = a + b? 

1.24. (a) Prove: If j = k (mod d), then dZ + j = dZ + k. 

(b) Prove: li j ^ k (mod d), then (dZ + j) n (dZ + k) is the empty set. 

1.25. If a > 0, log„(x) is the unique number such that a'°^"^^) = x. 

(a) Suppose that p and q are two different primes. Prove that \ogp{q) is irrational. 

(b) Is the result in (a) true if p and q are allowed to be composite numbers? Justify 
your answer. 

(c) For integers k and m, prove that log„(6) = k/mii and only if a!^ = b"^. 

1.26. In each case, if the statement is true, prove it, if false, give a counterexample. 
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(a) \/x,yeR, {[x-y\ = [x\ - [y\). 

(b) Vx G R, VA; G Z, {[x - k\ = [xj -k). 

(c) Vx G R, A; G N, {[x'^j = 

1.27. In each case, if the statement is true, prove it, if false, give a counterexample. 

(a) VnGZ, A;gN+, ([fj = ^) where r = n % A;) . 

(b) Vx G R, Va,6 G N+, {[ax + bj =a[a;J + b). 

1.28. Prove each of the following statements or give a counterexample. 

(a) Vx G R-Z, {[x\ + [-x\ = -1). 

(b) VxgR-Z, {\x] + \-x] =+1). 



Section 2: Cryptography and Secrecy 

Cryptography is concerned with secret messages. Cryptanalysis is the name for the general 
area of breaking secret codes so the messages can be read. This general topic represents a 
vast body of knowledge. We begin by introducing the basic ideas and problems. Then we 
take time out to study some number theory functions that are useful for cryptography on 
the internet. Finally, we look at two protocols that are currently used — DifRe-Hellman 
and RSA. 



Basic Ideas 

Suppose that Alice wishes to send a message to Bob in such a way that anyone else receiving 
her message will not be able to understand it. She can communicate in code. There are 
three pieces of data involved: 

• The plaintext, which is what Alice wants to tell Bob. 

• The ciphertext, which is the message Alice actually sends Bob. 

• The key, which tells how to convert plaintext to ciphertext and vice versa. Since the 
key is known to Alice and Bob, it is sometimes called the shared key. 

The rules for converting can be thought of as functions. If V is the set of all possible 
plaintext messages and C is the set of all possible ciphertext messages, then the key K 
determines a fimction fx :V^C that Alice uses to encipher the message. Bob uses the 
inverse function to decipher the message. Notice that, in order to decipher, /^^ must 
exist. Thus fx must be an injection. The next example illustrates a simple scheme for 
doing this. 
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Example 9 (A simple code) Instead of Alice and Bob, we liavc two factories A and 
B that are going to exchange goods. There are 64 different items (coded 0, 1, 2, . . . 63) to 
be shipped and four methods of shipping (regular mail represented by the code 00; priority 
mail, code 01; air mail, code 10; and next day air, code 11). A shipment request looks 
something like 10101001. The two least significant bits, 01 in this case specify the method 
of shipping and the other six bits the item in base 2 (101010 or item 42 in this case). 

The factories want to keep the orders they are requesting from each other secret from 
their competitors. To keep things secret, the factories agree on a simple encipherment 
procedure. They agree on a fixed eight bit binary string that they share as a secret. Here 
is the secret string that they happen to choose: K = 11000111. This is the shared key, also 
called the secret key or, simply, the key. 

Factory A wants to place order r = 10101001 with factory B. To do this, the folks at 
A add r to K bit-by-bit using addition mod 2. That is, 0-^0 = 0, 0-1-1 = 1-^0 = 1, 
1-1-1 = 0. Here is what happens: 

10101001 plaintext 
11000111 key K 
01101110 ciphertext 

The first line is the message, the second line is the key, and the third line is the mod 2 bit-by- 
bit sum of the message and the key. We have just computed /x (10101001). Actually, this 
is done in the computer. When someone wants to place an order, they type in 10101001. 
The computer does the addition and sends the result to factory B. 

When factory B's computer receives the ciphertext, it adds the shared key to the 
ciphertext as follows: 

01101110 ciphertext 

11000111 key K 
10101001 plaintext 

This reverses the process and reveals the correct order from factory A. Pretty nifty — the 
function and its inverse are the same, i.e. /^^ = fx- D 

In the previous example, f^^ = fx- This makes programming easier since the software 
for deciphering is the same as the software for enciphering. As a result, many systems are 
designed to have f^^ = fx- 

There is a problem with our simple system (other than the fact that it's too simple): 
We can only send an 8-bit message. 

• What if wc want to send English instead of bits? This is no problem since computers 
store everything as bits. For example, text is stored using ASCII. 

• What if we want to send longer messages? Well, we could break it into pieces that are 
8-bits long and add the key to each 8-bit piece. For reasons we won't go into, using 
the same key K for each 8-bit piece is bad. Therefore there should be some rule for 
changing K. A simple rule is to replace the K for the current piece with 3K mod 2^ 
for the next piece. 
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Example 10 (Industrial espionage) Let's return to our factories that have been 
happily communicating secretly with each other. 

Suppose Joe, who does industrial espionage for a competitor is able to intercept the 
ciphertext as it passes over the internet. He wants to know what orders are being placed; 
that is, he wants to find the plaintext. (He knows how to interpret the plaintext since lots 
of people at factories A and B know what it means.) 

Joe manages to get an employee to place a fake order, say 11110000. 

11110000 plaintext 
11000111 key K 
00110111 ciphertext 

Bob intercepts the ciphertext and adds it to the plaintext as follows: 

00110111 ciphertext 

11110000 plaintext 

11000111 key K 

Now Joe has the key. Clever guy! 

Except that the key and messages are much longer and the function fx is not so 

simple, this sort of stuff goes on in the real world all of the time. For example, K might be 
anywhere from 64 to 128 bits, so there are anywhere from 2*"^ to 2^^^ possibilities for K. 

You might ask why Joe didn't just get an employee to tell him key. The key is in the 
computer program. Only a few people, if any, know what it is. Well then, how did Joe 
know that fx was plaintext plus key? In the real world, people use standard encryption 
algorithms (i.e., standard functions) that are public knowledge. When your computer 
browser is in secure mode, it is using a standard algorithm that Joe knows about. D 

How can a company prevent Joe from getting their secrets this way? When we're 
thinking about this, we should imagine that the key is longer (64 to 128 bits) and that the 
plaintext is much longer. Here arc some possibilities. 

• Make it harder for Joe to get K. 

o We could improve employee loyalty. This may be difficult. A more reliable solution 
would be preferred. 

o We could invent an encryption system so that, even with plaintext and ciphertext, 
it is hard for Joe to compute K. Later, we'll discuss a way to do this. 

• Change K frequently. 

o Sending out a new K may be feasible with two factories. It's much harder if there 
are a hundred — there are logistic and security problems. Why can't we simply 
encrypt the new K and send it out? Because, if Joe has the old he can read 
the message and get the new one. 

o When two computers want to communicate, have them decide on a for that 
communication. This sounds impossible since Joe could eavesdrop. Later, we'll 

discuss a way to do this. 

• Make Joe's knowledge of K useless. 

o We could invent an encryption system so that, even with K and ciphertext it is 
hard for Joe to compute plaintext without some additional (secret) information. 
Later, we'll discuss a way to do this. 
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The gcd, 1cm and ^ Functions 

We now discuss some number theory functions that are important in cryptography. 
After we understand them, we'h use them in the Diffie-HeUman and RSA protocols. 

Definition 3 (Greatest common divisor and least common multiple) If k, n and 

n/k are integers, we write k \ n (read "k divides n") and we call k a divisor of n and we 
call n a multiple of k. The greatest common divisor of m and n is the largest (positive) k 
such that k is a divisor of m and k is a divisor of n. It is denoted by gcd(m, n). The least 
common multiple of m and n is the smallest positive integer k such that k is a multiple of 
m and k is a multiple of n. It is denoted by lcm(m, n). 

For example, if m = 6, its positive divisors are 1, 2, 3 and 6. Its positive multiples are 
6, 12, 18, ... The greatest common divisor of 6 and 9 is 3, written gcd(6, 9) = 3. Similarly, 
lcm(6,9) = 18. 

The gcd(120, 26) = 2. It is also the case that 5 x 120 - 23 x 26 = 2. In other words, 
there are integers a = 5 and b = —23 such that am + bn = gcd(m, n) where m = 120 and 
n = 26. This is a fact that is true for any m and n. That is, we claim 

Theorem 5 (The gcd as a linear combination) The greatest common divisor of m 
and n is a linear combination, with integral coefficients, of m, and n. 

Corollary (All common divisors) An integer k divides m and n if and only if it divides 
gcd(m,n). 

Proof: We can see why this must be true without knowing how to compute the coefficients 

a and b. The set S = {Am + Bn \ A, B £ Am + Bn > 0} is a nonempty set of positive 
integers (since \m\ € S) and therefore has a least element (by common sense at this point). 
Let am + bn = Lhe this least element. Note that L | m. If not, we would have m = qL + r, 
< r < L. Thus, 

r = m — qL = m — q{am + bn) = (1 — qa)m — {qb)n G S. 

This would contradict the minimality of L since < r < L. Similarly, L \ n. Thus, L is a 
common divisor of m and n. Any integer x that is a common divisor of m and n divides 
any element Am + Bn of S and thus x \ L. Thus, L = gcd(m, n) is the greatest common 
divisor of m and n. This proves that am + bn = gcd(m, n). 

In the last couple of sentences of the previous paragraph, we concluded that, if x 
divides both m n, then x \ gcd(m,n). Conversely, suppose x \ gcd(m,n). This means that 
X divides both m and n. This proves the corollary. □ 
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Example 11 (Some properties of god and 1cm) Let n > and m > be positive 

integers and let n = p\^p^ ■ ■ ■ Pf!" and m = p{^p^2 ' ' ' Pk" factorizations of m and n 
into primes where some of the exponents /j or may be zero (in order to make k and the 
list of Pi the same for both factorizations). For example, n = 6500 = 2^ x 5^ x 13 and 
m = 24696 = 2'^ x 3^ x 7'^ would, using this convention, be written as n = 2^ x 3° x 5'^ x 7*^ x 13^ 
and m = 2^ X 3^ X 5° X 7'^ X 13*^. The following theorem is the general result of which 
this example is a special case. We will not prove it. You should think carefully about the 
example and make up some of your own until you see why the theorem is true. 

Theorem 6 (Computing gcd and 1cm) If n = p'^^p'^ ■ ■ ■ p'k' m = p{^p^2 ' ' ' Pk" ' 
then 

gcd(m, n) = pf-i-^Mpf-i-^'h) . . .pmin(e„/.) 

and 

lcm(m,n) = j^r'^'^^'^r'^'"^'^ • ■ ■ p'^'^^^^-f^l 



Applying this to 

6500 = 2^ X 3° X 5^ X 7° X 13^ and 24696 = 2^ x 3^ x 5° x 7^ x 13° 

gives 

gcd(6500, 24696) = 2^ x 3° x 5° x 7° x 13° = 4 

and 

lcm(6500, 24696) = 2^ x 3^ x 5^ x 7^ x 13^ = 40131000. 
This is really pretty easy! 

The theorem has various consequences. 

• Every divisor d = Pi^p'l^ ■ ■ ■ p'^'' of m and n has di < and di < fi. Thus di < 
min(ej,/i) and so d is also a divisor of gcd(m,ra). That is, every common divisor of 
m and n is a divisor of gcd(m,n). (We also proved this in the process of proving 
Theorem 5.) Conversely, every divisor of gcd(m, re) is a common divisor of m and re. 

• Similarly, every common multiple of rre and re is a multiple of lcm(m, re). Conversely, 
every multiple of lcm(rre, re) is a common multiple of rre and re. 

• gcd(rre, re)lcm(m, re) = reire because min(ej, /j) + max(ej, /j) = Cj + /j and so the term 
in gcd(rre,re)lcm(re^, re) is 

mm(ei,/i) max(ei,/i) _ min(ei,/i)+max(ei,/i) _ „ei+/i _ a fi 
Pi Pi Pi Pi Pi Pi ' 

• If d is a common divisor oim and re, then gcd{m/d,n/d) = gcd{m,n)/d. In particular, 
when d = gcd(rre, re), we have gcd{'m/d, n/d) = 1. We omit the proof. D 

The one thing you have to do to use the previous method for computing greatest 
common divisors and least common multiples is to factor re and m into primes. That can 
be difficult for big numbers. This method for computing gcd and 1cm is more of theoretical 
or conceptual interest than of practical interest. Commonly available software for your 
computer will compute the gcd and the 1cm quickly and efficiently for most integers that 
you may be interested in, without having to factor the integers. In the next example, we 
discuss the method that the software uses. 
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Example 12 (The Euclidean algorithm) Suppose we want to compute gcd(330, 156). 
Here's a "magical" procedure for doing it. 

• We form a sequence that starts 330, 156. 

• To get the next term in the sequence, divide 156 into 330 and keep the remainder: 

330, 156, 18. 

• To get the next term in the sequence, divide 18 into 156 and keep the remainder: 

330, 156, 18, 12. 

• To get the next term in the sequence, divide 12 into 18 and keep the remainder: 
330, 156, 18, 12, 6. 

• To get the next term in the sequence, divide 6 into 12 and keep the remainder: 
330, 156, 18, 12, 6, 0. 

Since we've reached zero, we stop and the term just before it (namely six) is the greatest 
common divisor. We could have started with 156, 330. Then we would have 156, 330, 156, 
18, 12, 6, 0. 

Wc need to formulate this in general and we need to prove that it works; that is, it 
isn't magic. 

Here's the general procedure. Given two numbers m > and n > 0, let Xi = m and 
X2 = n. Define Xk+i to be the remainder when Xk-i is divided by Xk- Since X^+i is a 
remainder, X^+i < X^. Thus we have X2 > X^ > ■ ■ ■. This eventually must reach zero, 
say Xf^i = 0. Then gcd(m,n) = X-^. This is known as the Euclidean algorithm. 

Why does it work? We claim that gcd(Xfc_|_i, X^) = gcd(Xfc, Xfc_i) for /c = 2, 3, . . . , t. 
Before proving this, let's see why it tells us that the algorithm works. We have 

gcd(m, n) = gcd(Xi, X2) = gcd(X2, X3) = • • • = gcd(Xt, X^+i) = gcd(Xt, 0) = X^, 

where gcd{Xt, 0) = Xf since all numbers divide zero. 

Now for the proof of the claim. Since X^+i is the remainder after dividing X^-i by 
Xf., it follows that Xk+i = Xk-i — qXf. where q is the quotient when we divide Xk-i by 
Xf.- Our claim states that 

gcd(Xfe_i - qXk, Xk) = gcd(Xfc,Xfc_i). 

More generally, we claim that gcd(a, b — ca) = gcd(a, b) for any integers a, b, c. Suppose 
d I a and d | b, then a = Ad and b = Bd for some integers A and B. Then 

b — ca = Bd — cAd = {B — cA)d and so d\{b — ca). 

Suppose d I a and d \ {b — ca)., then a = Ad and b — ca = Cd for some integers A and C. 
Then 

b = {b — ca) + ca = Cd + cAd = (C + cA)d and so d\b. 

We've now shown that d is a common divisor of a and b if and only if it is a common divisor 
of a and b — ca. This completes the proof. D 
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Example 13 (The EucUdean algorithm and Theorem 5) In Theorem 5 we showed 
that there are a, & € Z so that gcd(m, n) = am + bn, but we had no idea how to compute 
a and b. The Euchdean algorithm, with a slight modification, allows us to compute the a 
and b. Suppose we start with m = Xi and n = X2 and apply the Euclidean algorithm to 
get Xt = d = gcd(m, n): 

Xi> X2> Xs> ■■■> Xt> Xt+i = 0. 

Let Q2; Qs; ■ ■ ■ 1 Qt-i be the list of quotients associated with the nonzero remainders in this 
list. Thus, = QiXi + X^+i for i = 2, . . . , t - 1. Note that Xt-2 = Qt-iXt-i + Xt so 

gcd(m,n) = Xt = Xt-2 — Qt-i^t-i- If t = 3 we would have am + bn = gcd(m,n) with 
a = 1, b = —Qt-i, and our work would be done! 

If t > 3, we can continue in the same way. We still have Xt = Xt-2 ~ Qt-iXt-i- 
We also have Xt-i = Xt-3 — Qt-2Xt-2- If we substitute the second equation into the 
first, we get Xt = gcd(m, n) as a linear combination with integral coefficients of Xt-3 and 
Xt-2- If t = 4, we are done. Otherwise, using Xt-2 = Xt-4 — Qt-aXts, we get Xt as a 
linear combination of Xt-3 and Xt-4. Note that we are working our way towards getting 
Xt = gcd(m,n) as a linear combination with integral coefficients of Xi and X2. At this 
point we abandon the general discussion and move to an example. 

Consider Xi = 60 and X2 = 13. Here is the list of nonzero remainders produced by 
the Euclidean algorithm: 

60>13>8>5>3>2>1. 

Thus, t = 7 and gcd(60, 13) = 1. We kept track of the quotients: 4, 1, 1, 1, 1. To make it 
easier to see the connection between quotients and remainders we can write them in this 
way 

60>13>8>5>3>2>1 
4 1111 

where we see that 60 = 4x13 + 8, 13 = 1x8 + 5, ...,3 = 1x2 + 1. Now we start working 
backwards. 1 = 3-1x2, 2 = 5-1x3, so 1 = 2x3-1x5. Next we have 3 = 8 — 1 x 5, so 

1 = 2(8 -5) -1x5 = 2x8-3x5. 

Next, 5 = 13 -1x8, so 1 = 2x8 - 3(13 - 8) = 5 x 8 - 3 x 13. Finally 8 = 60 - 4 x 13, 
so 1 = 5 x 60 — 23 x 13. This is the final answer: 1 = gcd(m, n) = am + bn where m = 60, 
n = 13, a = 5, and b = —23. You should make up some examples on your own and carry 
out this computation. Q 

The positive integers A; = 1, 5, 7, 11 are less than 12 and have no common factors with 
12 (i.e., are relatively prime to 12). Another way to say this is gcd(A;, 12) = 1. The four 
numbers, 1, 5, 7, and 11 are the only numbers k with gcd(A;, 12) = 1 and 1 < A; < 12. For 
this reason, we say ^(12) = 4. More generally: 

Definition 4 (The Euler (f) function) We define a function (t){n), with domain the 
positive integers, to be the number of integers k, 1 < k < n, such that gcd{k,n) = 1. This 
function is called the Euler 4> function. 
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Example 14 (Properties of the Euler (f) function) We have noted that 0(12) = 4. 
Since gcd(l, 1) = 1, we have (/)(1) = 1. For any prime p, we have ^(p) = p — 1 because 
gcd{k,p) = 1 for A; = 1, 2, ... ,p — 1. 

Suppose n = pq is the prime factorization of n and p ^ q- We can hst the positive 
integers less than n that are not relatively prime to n. There are two classes of such 
numbers. The q multiples of p: p, 2p, 3p,...,qp and the p multiples of q: q, 2q, 3q, . . . , pq. 
Except for qp = pq, these two lists have no numbers in common (why?). Thus, the total 
number of positive integers less than or equal to n that are not relatively prime to n is 
q + p — 1. Thus, the number of number less than or equal to n = pq that are relatively 
prime to n is pq — {p + q — 1) = {p — l){q — 1). 

The set of numbers less than n that are relatively prime to n has a name. It is called 
the group of units of n and the numbers in that set are called units. The reason for this 
name is beyond the scope of our course, but does not involve difficult concepts. The Euler 
^ function and the group of units come into computer science in connection with computer 
security. It is the basis for a certain type of encryption known as RSA (discussed below) 
and is used in a common encryption protocol called PGP (Pretty Good Privacy). The key 
property that makes the group of units useful in this context is that a"^*^") = 1 (mod n) 
whenever a is a unit (of n). We won't prove this fact, but let's look at an example. Suppose 
n = 12. We know that (j){12) = 4 and that the units are {1,5,7,11}. Clearly l-J^^^^) ^ i 
(mod 12). What about the other units? We have 5^ = 25 = 1 (mod 12). Thus 5"^ = 1^ = 1 
(mod 12). We could do the same calculations for 7 and 11. Here's another way. Since 
7 = -5 (mod 12), 7^ = {-1)^5'^ = 5^ = 1 (mod 12). Likewise, 11 = -1 (mod 12) and 
so 11"* = ( — 1)^ = 1 (mod 12). You may have noticed that = 1 (mod 12) for all units 
a. There's no guarantee that (l>{n) is the least power for which a"^*^"^) = 1 (mod n) for all 
units a. 

If n = pq then, since ^{n) = {p — l){q — 1), this property becomes 
^(p-i)(9-i) — I (mod Jig') when gcd{m,pq) = 1. 
This fact will be important in our discussion of the RSA protocol. D 



Cryptography on the Internet 

Suppose two people — Alice and Bob — wish to communicate secretly, but anyone can 
eavesdrop on there conversation. How can they do this? We already saw in Example 9 
how they could do this, and we saw how some problems could arise because of espionage. 
There's another problem we haven't mentioned. What if Alice and Bob don't have a secret 
key K that they both know? 

Cryptography on the internet addresses this. It uses "public-information algorithms" : 
No prior secret communication between Alice and Bob is needed — it's all done publicly. 
There are two approaches in use. 

• Somehow Alice and Bob can develop a secret key even though someone is eavesdropping 
on their conversation. In this process, Alice and Bob usually play similar roles and so 
this is known as symmetric encryption. 
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• Alice can make known to the world data that allows people to encrypt messages to 
send to her but makes it hard for people other than Alice to decrypt them. Bob can do 
the same. Since this information (the key) is publicly known, this approach is called 
public key cryptography. 

These approaches depend on what are called trapdoor functions. A trapdoor function 
is an invertible function g such that, given g{x) it is hard to compute x. Such functions 
are also called one-way functions, but this is a bit misleading since it suggests that g is not 
invertible. We will discuss protocols that use two different trapdoor functions. 

Example 15 (Discrete logs and better encryption) There are many ways to design 
a system such that, knowing the plaintext and ciphertext, it is still hard to recover the key. 
The method we describe here is not actually used, but it lays some of the groundwork for 
our next example. 

If you use your calculator, you can easily compute 11^ = 19487171. If you know 
that 19487171 is of the form 11^, for some x, you can equally well use your calculator 
to get X. From high school, you should remember that x = log j^]^ (19487171). Probably, 
you would do that calculation using the LOG or LN button on your calculator as follows: 
LOG(19487171)/LOG(ll) = 7. In any case, it is pretty easy. But, a seemingly innocent 
modification makes this sort of calculatio n ver y difficult in many cases. 



If we compute 11* % 163 for t = 0,% .Sr;~L61, we get each of the numbers 1,2,..., 162 
exactly once — but they are in a mixed up order. Instead of 11^, let's compute 11^ % 163. 
The answer is 32. Thus x = 7 is the solution to 32 = 11^ % 163. In general, if we are given 
a, b and n, it is not easy to solve a = b^ %n even though we know there is a unique x 
between and n when a and b are units of n. For small numbers like this example, it can 
be done by trying all < x < n — 1. But, for big numbers with hundreds of digits, it seems 
to be all but impossible by any presently available methods. This problem of recovering an 
exponent from an exponentiated expression after it has been reduced modulo some number 
is called the discrete logarithm problem and the exponent is called the discrete logarithm. 

Here is how we might use discrete logarithms to make it very hard for Joe's espionage 
when Alice and Bob have a secret key K. We choose a large modulus p that never changes. 
When someone wants to send a message P, the computer chooses a "base" b at random 
and computes b^ %p. Call the result of this computation L. 

The computer uses L to encrypt P by whatever method is being used for encryption. 
Thus, the computer obtains /l(-P) = C. It sends b and C. The computer at the other end 
computes 6^ %p to obtain L and uses it to decrypt the message. (It turns out to be best if 
6 is a unit of p. By choosing p to be a prime we know that all b between and p are units.) 

What can the spy Joe do? Suppose the encryption method is the one used in Exam- 
ple 10: We simply write L as a binary number and add it bitwise to the message P. Since 
the modulus p is fixed, we'll assume Joe knows what it is. As before, Joe gets his friend 
to send a message, so he has P, C and b for this particular message — call them Pi, Ci 
and bi. From Pi and Ci, Joe recovers Li. Later, someone else sends a message P2- The 
computer chooses a random 62 , computes b2 %p = L2 and C2 . By eavesdropping Joe gets 
62 and C2. 

• To decrypt the message, Joe needs to find L2 so that he can add it bitwise to C2. 
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• To get L2 he needs K because L2 = ftf' (mod p) and he knows 62 • 

• To get K he needs to solve the discrete log problem because he has bi and Li and 
6f- = Li (mod p). 

This is too hard, so Joe gives up. 

There was nothing special about adding L bitwise to P. Whatever method was used, 
Joe would still want to recover K and so would need to carry out the steps in the previous 
paragraph. Q 

Suppose the values of b and p are known and fixed. The function g, defined by g(n) = 
6" %p, is thought to be a trapdoor function. Finding n from g{n) is referred to as computing 
the discrete log of 6". As remarked in the previous example, computing the discrete log is 
believed to be very difficult. Thus g is believed to be a trapdoor function. 

Suppose Alice and Bob want to communicate over the internet in secrecy, but have no 
shared key K. They must somehow construct K even though Joe can read their commu- 
nications. 

Example 16 (DifRe-Hellman: a symmetric key-exchange protocol) Here is how 

two computers can use the difficulty of the discrete log problem to generate a key K that 
they will share. Everyone agrees on a modulus p that is built into a program all computers 
can use. They also agree on a base b. Thus everyone, including the spy Joe, knows p and b. 
For purposes of illustration, we take p = 163 and b = 11. The values actually used on the 
internet are much bigger. We call the two computers that want to communicate A and B. 

Computer A chooses, in secret, a random number s with 1 < s < p — 1. Let us say 13 
is chosen by A. Then A computes V %p = S and sends S to computer B. In our example, 
iS = 19 since 11^^% 163 = 19. Meanwhile, B carries out the same process, choosing t 
and computing T, which it sends to A. Let us say B chooses t = 23. Thus B computes^ 
T = 11^3% 163 = 116. 

Where are we now? Both computers and the spy Joe know that S" = 19 and T = 116. 
Only computer A knows that s = 13 and only computer B knows that t = 23. In general, 
the public information is b, p, S and T; however, s and t are not public information since 
they were never sent over the internet. 

What do the computers do now? Computer A uses its secret number s and computes 
%p = K. In our case, iW^ % 163 = 154, so K = 154. Likewise, B computes S^%p = 
K, which is 19^'^% 163 = 154 in our case. That's amazing — A and B have the same 
number! Why is this? With all calculations modulo p, we have 

T' = {b^ = 6*^ = {b'Y = 5* (mod p). 

Where does this leave Joe? The obvious way for him to get key is to find either s or 
t since he already knows S and T. To find s, he needs to solve the discrete log problem 

^ The following computations and others like it can be done by using software packages 
such as GNU-MP, Maple® and Mathematica® . If you have to do it on a pocket calculator, 
it's best to do it in steps taking advantage of the properties of modular arithmetic. 
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= S (mod p). Likewise for T. Maybe there is a clever way for Joe to get K easily from 
b, p, S and T. At the present time, nobody knows of any such method, so Joe is stuck. 

The method of key exchange just discussed is called the Diffic-Hellman algorithm. It 
was discovered in 1976 and was the first public-information algorithm invented — invented 
in public that is! Apparently, the same algorithm, as well as other, later-to-be-discovered 
algorithms (such as RSA — Rivest, Shamir, Adleman, published by them in 1978), were dis- 
covered by British cryptanalysts working in secret in the Communications-Electronics Secu- 
rity Group in Britain during the early 1970's. Working in that group, Malcolm Williamson 
discovered the "Diffie-Hellman" algorithm in 1974. Q 

Our next example is based on the difficulty of factoring. In this case, g is the function 
from pairs of primes p < q to their product; that is, g{p, q) = pq. This is believed to be a 
trapdoor function when both p and q are large. To put this another way, all known methods 
of factoring take a long time. The protocol in this example is due to Rivest, Shamir and 
Adleman and so is called the RSA protocol. 



'Example 17 (The RSA protocol) This encryption system is based on the choice of 
some integer A'' that is a product of two primes. Suppose we take N = 77. We see easily 
that N = pq where p = 7, q = II. In real applications of this protocol p and q are primes 
with hundreds of digits, so given A'^ = pq, it is very hard (or so it seems with present 
techniques) to factor N to get p and q. This is where the security of this method resides. 
Let's pretend that Alice makes known to the public her integer 77, and that Bob wants to 
send her a message. Suppose the spy Joe can't figure out how to factor 77. (In RSA this is 
true because much larger primes are used and multiplication is believed to be a trapdoor 
function.) 

Alice is going to make known some more information. She picks two numbers e and 
d such that ed = 1 (mod 60). Why 60? Because 60 = (p - l){q - 1) = 0(77). Suppose 
Alice picks e = 13 and d = 37. In this case ed = 13 x 37 = 481. Check it out: 481 = 1 
(mod 60). She makes known to the public e = 13 and keeps d = 37 secret. Since Joe 
can't factor 77, he can't get the values p = 7 and q = 11. Hence Joe can't get the number 
(p — l){q — 1) = 60, and so he can't figure out that d = 37, given the publicly displayed 
number e = 13. 

By the way, we didn't say how Alice chose the pair e = 13 and d = 37. Well, she 
just picked the e because it "seemed like a nice number." So that's her choice, as long as 
gcd(e, 60) = 1. Clearly gcd(13, 60) = 1, so she did all right there. To pick the d = 37 she 
used the method in Example 13 applied to m = 13, n = 60. You should reconstruct her 
calculations. 

So now we have all that Alice is willing to tell the world: N = 77 and e = 13. In other 
words and e are Alice's public information. The factorization N = pq and the value of 
d are not public information because they were not sent over the internet. 

Let's work an example. Bob may decide to send the message M = 5. To send his 
message, he looks at Alice's public information (77 and 13) and sends % 77 = 5^^ % 77. 
You can easily check on your calculator that 5^^ = 26 (mod 77). In general, M^%N is 
sent by Bob. Call it C. 
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So now Alice receives the message 26. Here is what she does to decrypt the message. 
She computes 26^^ % 77 and gets 5. Recall that 37 was her secret number paired with 13. 

This is the RSA protocol. 

Suppose Joe intercepts C by eavesdropping. (In this case, the value was 26.) What 
can he do? If he knew d = 37, his life would be simple since he could do what Alice has 
done to decrypt the message. As far as is known, he'd have to be able to factor A'" in order 
to compute d — too hard! Could he do something else? Nobody knows of anything Joe 
could do that would not be hard. 

Some of you might think that Joe had to solve the discrete log problem rather than 
the factoring problem since he saw % A''. In the discrete log problem for M'^ mod A', we 
know M and want to find e. Joe's problem is just the reverse — he knows e and wants to 
find M. This is believed to be a hard problem and is believed to be equivalent to factoring. 

Why does Alice's decryption method work? In general, she is sent C, which is % N, 
and computes = = M"'^ (mod N). Recall, that ed = 1 (mod 0(A')). Thus 

ed = 1 + k(f){N) for some integer k. Hence 



(a) First suppose gcd(M, A') = 1, that is, M is a unit (see Example 14) and so, by the 
property at the end of Example 14, M'^^-^) = 1 mod N. Thus 



Since 1 < Af < A, we have recovered M exactly, not just "mod A." 

(b) Now suppose M = mod p and M is a unit mod q. Then M^*^ = = M mod p and 
W"^ = M mod q. It can be shown that this implies M'^'^ = M mod A". 

(c) A similar argument works if M = mod q and M is a unit mod p. 

(d) The case M = is all that remains. It is trivial: M"'^ = M. □ 



Exercises for Section 2 

2.1. Use the Euclidean algorithm to find all common divisors of 
(a) 1001 and 544 (b) 3510 and 652 

2.2. Find all common divisors of 252 and 180 using the Euclidean algorithm. 

2.3. How many common divisors are there of 59400 and 16200? 

2.4. Using the Euclidean algorithm, find A and B such that Am+Bn = gcd(m.n) where 
m = 252 and n = 180. 




M^'^ = Mx {lY = M (mod A"). 
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2.5. Using the Euclidean algorithm, find A and B such that Am+Bn = gcd(m.n) where 
m = 59400 and n = 16200. 

2.6. Using the Euclidean algorithm, find A and B such that Am+Bn = gcd(m.n) where 
m = 163 and n = 86. 

2.7. Prove that gcd(a, 6) divides lcm(a, 6). 

2.8. In each case find lcm(120, 108) (a) by prime factorization and (b) by the Euclidean 
algorithm. 

2.9. Suppose a and b are positive integers. Prove directly from the definition of the least 
common multiple that a | 6 if and only if lcm(a, b) = b. 

2.10. Following Example 16, suppose p = 163, b = 11. Computer A still chooses 13, but 
B chooses 15 instead of 23. What is the common key that results? 

2.11. Suppose that, in Example 16, one of the computers chooses 1. Explain how the spy 
Joe can detect that and get their shared key. 

*2.12. Suppose that N \s a prime in the RSA protocol of Example 17. How can the spy 
Joe find the message M if he has e, N and the encrypted message %N = CI 

*2.13. Using the same numbers as in Example 17, decrypt the message 2. 

*2.14. Consider the RSA protocol (Example 17). Suppose that = 5 x 13 and e = 7. 
What is dl 

*2.15. Consider the RSA protocol (Example 17). Explain why d and e must both be 
chosen to be odd. 
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In each case there is one correct answer (given at the end of the problem set). Try 
to work the problem first without looking at the answer. Understand both why the 
correct answer is correct and why the other answers are wrong. 

1. "If A; > 1 then 2^ — 1 is not a perfect square." Which of the following is a correct 

proof? 

(a) If 2^^ - 1 = then 2^'^ -\ = (n-\f and = ^ = 2. But this latter 
ratio is 2 if and only if n = 1 or n = 3. Thus, 2^ — 1 = leads to a contradiction. 

(b) If 2^ — 1 = then 2'^ = + 1. Since 2 divides n^, 2 does not divide v? + 1. This 
is a contradiction since obviously 2 divides 2'^. 

(c) 2^^ — 1 is odd and an odd number which is a perfect square can't differ from a 
power of two by one. 

(d) 2^^ — 1 is odd and an odd number can never be a perfect square. 

(e) If 2^^ - 1 = then n is odd. If n = 2 j + 1 then 2^ - 1 = (2j + if = 4f + 4j + 1 
which implies that 2^^, A; > 1 is divisible by 2 but not by 4. This is a contradiction. 

2. The repeating decimal number 3.14159265265265 . . . written as a ratio of two integers 
a/b is 

(a) 313845111/99990000 

(b) 313844841/99900000 

(c) 313845006/99990000 

(d) 313845106/99900000 

(e) 313845123/99000000 

3. Which of the following statements is true: 

(a) A number is rational if and only if its square is rational. 

(b) An integer n is odd if and only if + 2n is odd. 

(c) A number is irrational if and only if its square is irrational. 

(d) A number n is odd if and only if n(n + 1) is even 

(e) At least one of two numbers x and y is irrational if and only if the product xy is 
irrational. 

4. Which of the following statements is true: 

(a) A number k divides the sum of three consecutive integers n, n + 1, and n + 2 if 
and only if it divides the middle integer n + 1. 

(b) An integer n is divisible by 6 if and only if it is divisible by 3. 

(c) For all integers a, b, and c, a\ be if and only if a | 6 and a \ c. 

(d) For all integers a, b, and c, a\ {b + c) if and only if a | 6 and a \ c. 
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(e) If r and s are integers, then r | s if and only if | s^. 

5. For all N > 0, if N = k{k + l){k + 2) is the product of three consecutive non-negative 
integers then for some integer s > k, N is divisible by a number of the form 

(a) - 1 

(b) 

(c) 

(d) S2 + 1 

(e) + 2 

6. To one percent accuracy, the number of integers n in the list 0'^ ,1^ ,2"^ , . . . , 1000^ such 
that n%16 = 1 is 

(a) 20 percent 

(b) 50 percent 

(c) 30 percent 

(d) 35 percent 

(e) 25 percent 

7. Which of the following statements is TRUE: 

(a) For all odd integers n, \n/2] = 

(b) For all real numbers x and y, + y] = \x] + \y~\ . 

(c) For all real numbers x, [x^] = ([x])^. 

(d) For all real numbers x and y, \_x + y\ = \_x\ + \_y\ . 

(e) For all real numbers x and y, \_xy\ = \_x\ \_y\ . 

8. Which of the following statements is logically equivalent to the statement, "If a and 
b ^ are rational numbers and r 7^ is an irrational number, then a + hr is irrational." 

(a) If a and 6 7^ are rational and r 7^ is real, then a + 6r is rational only if r is 
irrational. 

(b) If a and 6 7^ are rational and r 7^ is real, then a + 6r is irrational only if r is 
irrational. 

(c) If a and 6 7^ are rational and r 7^ is real, then r is rational only if o + 6r is 
rational. 

(d) If a and 6 7^ are rational and r 7^ is real, then a + 6r is rational only if r is 
rational. 

(e) If a and 6 7^ are rational and r 7^ is real, then a + 6r is irrational only if r is 
rational. 

9. The number of primes of the form — 6n + 5| where n is an integer is 
(a) (b) 1 (c) 2 (d) 3 (e) 4 
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10. The Euclidean Algorithm is used to produce a sequence Xi > X2 > ■ ■ ■ > Xk-i > 
Xk = of positive integers where each Xj, 2 < t < A;, is the remainder gotten by 
dividing Xt_2 by Xj-i. If X^^i = 45 then the set of all (positive) common divisors of 
Xi and X2 is 

(a) {1,3,5} 

(b) {1,3,5,9,15,} 

(c) {1,9,15,45} 

(d) {1,3,5,15} 

(e) {1,3,5,9,15,45} 

11. Let L be the least common multiple of 175 and 105. Among all of the common divisors 
X > 1 of 175 and 105, let D be the smallest. Which is correct of the following: 



(a) D 


= 5 and L = 


1050 


(b) D 


= 5 and L = 


35 


(c) D 


= 7 and L = 


525 


(d) D 


= 5 and L = 


525 


(e) D 


= 7 and L = 


1050 



12. The Euclidean Algorithm is used to produce a sequence X^ > X2 > X^ > X4 > X5 = 

of positive integers where Xt = qt+iXt+i + Xt+2- 1 = 1,2, 3. The quotients are q2 = 3, 
53 = 2, and = 2. Which of the following is correct? 

(a) gcd(Xi,X2) = -2X1 + 6X2 

(b) gcd(Xi,X2) = -2Xi-6X2 

(c) gcd(Xi,X2) = -2Xi-7X2 

(d) gcd(Xi,X2) = 2Xi + 7X2 

(e) gcd(Xi,X2) = -2Xi + 7X2 



Answers: 1 (e), 2 (d), 3 (b), 4 (e), 5 (a), 6 (b), 7 (a), 8 (d), 9 (c), 10 (e), 11 (d), 
12 (e). 
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UNIT NT: Multiple Choice Questions 
Lectures in Discrete Mathematics, 
Course 1, Bender/Williamson 

In each case there is one correct answer (given at the end of the problem set). Try 
to work the problem first without looking at the answer. Understand both why the 
correct answer is correct and why the other answers are wrong. 

1. "If A; > 1 then 2^ — 1 is not a perfect square." Which of the following is a correct 

proof? 

(a) If 2^^ - 1 = then 2^'^ -\ = (n-\f and = ^ = 2. But this latter 
ratio is 2 if and only if n = 1 or n = 3. Thus, 2^ — 1 = leads to a contradiction. 

(b) If 2^ — 1 = then 2'^ = + 1. Since 2 divides n^, 2 does not divide v? + 1. This 
is a contradiction since obviously 2 divides 2'^. 

(c) 2^^ — 1 is odd and an odd number which is a perfect square can't differ from a 
power of two by one. 

(d) 2^^ — 1 is odd and an odd number can never be a perfect square. 

(e) If 2^^ - 1 = then n is odd. If n = 2 j + 1 then 2^ - 1 = (2j + if = 4f + 4j + 1 
which implies that 2^^, A; > 1 is divisible by 2 but not by 4. This is a contradiction. 

2. The repeating decimal number 3.14159265265265 . . . written as a ratio of two integers 
a/b is 

(a) 313845111/99990000 

(b) 313844841/99900000 

(c) 313845006/99990000 

(d) 313845106/99900000 

(e) 313845123/99000000 

3. Which of the following statements is true: 

(a) A number is rational if and only if its square is rational. 

(b) An integer n is odd if and only if + 2n is odd. 

(c) A number is irrational if and only if its square is irrational. 

(d) A number n is odd if and only if n(n + 1) is even 

(e) At least one of two numbers x and y is irrational if and only if the product xy is 
irrational. 

4. Which of the following statements is true: 

(a) A number k divides the sum of three consecutive integers n, n + 1, and n + 2 if 
and only if it divides the middle integer n + 1. 

(b) An integer n is divisible by 6 if and only if it is divisible by 3. 

(c) For all integers a, b, and c, a\ be if and only if a | 6 and a \ c. 

(d) For all integers a, b, and c, a\ {b + c) if and only if a | 6 and a \ c. 
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Review Questions 

(e) If r and s are integers, then r | s if and only if | s^. 

5. For all N > 0, if N = k{k + l){k + 2) is the product of three consecutive non-negative 
integers then for some integer s > k, N is divisible by a number of the form 

(a) - 1 

(b) 

(c) 

(d) S2 + 1 

(e) + 2 

6. To one percent accuracy, the number of integers n in the list 0'^ ,1^ ,2"^ , . . . , 1000^ such 
that n%16 = 1 is 

(a) 20 percent 

(b) 50 percent 

(c) 30 percent 

(d) 35 percent 

(e) 25 percent 

7. Which of the following statements is TRUE: 

(a) For all odd integers n, \n/2] = 

(b) For all real numbers x and y, + y] = \x] + \y~\ . 

(c) For all real numbers x, [x^] = ([x])^. 

(d) For all real numbers x and y, \_x + y\ = \_x\ + \_y\ . 

(e) For all real numbers x and y, \_xy\ = \_x\ \_y\ . 

8. Which of the following statements is logically equivalent to the statement, "If a and 
b ^ are rational numbers and r 7^ is an irrational number, then a + hr is irrational." 

(a) If a and 6 7^ are rational and r 7^ is real, then a + 6r is rational only if r is 
irrational. 

(b) If a and 6 7^ are rational and r 7^ is real, then a + 6r is irrational only if r is 
irrational. 

(c) If a and 6 7^ are rational and r 7^ is real, then r is rational only if o + 6r is 
rational. 

(d) If a and 6 7^ are rational and r 7^ is real, then a + 6r is rational only if r is 
rational. 

(e) If a and 6 7^ are rational and r 7^ is real, then a + 6r is irrational only if r is 
rational. 

9. The number of primes of the form — 6n + 5| where n is an integer is 
(a) (b) 1 (c) 2 (d) 3 (e) 4 
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10. The Euclidean Algorithm is used to produce a sequence Xi > X2 > ■ ■ ■ > Xk-i > 
Xk = of positive integers where each Xj, 2 < t < A;, is the remainder gotten by 
dividing Xt_2 by Xj-i. If X^^i = 45 then the set of all (positive) common divisors of 
Xi and X2 is 

(a) {1,3,5} 

(b) {1,3,5,9,15,} 

(c) {1,9,15,45} 

(d) {1,3,5,15} 

(e) {1,3,5,9,15,45} 

11. Let L be the least common multiple of 175 and 105. Among all of the common divisors 
X > 1 of 175 and 105, let D be the smallest. Which is correct of the following: 



(a) D 


= 5 and L = 


1050 


(b) D 


= 5 and L = 


35 


(c) D 


= 7 and L = 


525 


(d) D 


= 5 and L = 


525 


(e) D 


= 7 and L = 


1050 



12. The Euclidean Algorithm is used to produce a sequence X^ > X2 > X^ > X4 > X5 = 

of positive integers where Xt = qt+iXt+i + Xt+2- 1 = 1,2, 3. The quotients are q2 = 3, 
53 = 2, and = 2. Which of the following is correct? 

(a) gcd(Xi,X2) = -2X1 + 6X2 

(b) gcd(Xi,X2) = -2Xi-6X2 

(c) gcd(Xi,X2) = -2Xi-7X2 

(d) gcd(Xi,X2) = 2Xi + 7X2 

(e) gcd(Xi,X2) = -2Xi + 7X2 



Answers: 1 (e), 2 (d), 3 (b), 4 (e), 5 (a), 6 (b), 7 (a), 8 (d), 9 (c), 10 (e), 11 (d), 
12 (e). 
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k\n {k divides n; n/k e Z) NT-2 

Function (particular) 

[xj (greatest integer) NT-9 
[x] (ceiling) NT-9 
gcd(a, b) (greatest common 

divisor) NT- 16 
(j){n) (Euler <p) NT-19 
lcm(o, b) (least common 

multiple) NT-16 

gcd(a, b) (greatest common 
divisor) NT-16 

lcm(a, b) (least common 
multiple) NT-16 

x%d{x mod d) NT-7 

N (Natural numbers) NT-1 

Q (Rational numbers) NT-1 

M (Real numbers) NT-1 

Sets of numbers 

N (Natural numbers) NT-1 
N+ (Positive integers) NT-1 
Nt {{neZ\n> 2}) NT-1 
P (Prime numbers) NT-2 
Q (Rationals) NT-1 
M (Real numbers) NT-1 
Z (Integers) NT-1 
dZ + k (residue class) NT-6 

Z (Integers) NT-1 
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Algebraic number theory NT-3 

Algorithm 

Euclidean NT-18 

Arithmetic 

modular NT-6 

Ceiling function (= least 
integer) NT-9 

Ciphertext NT-13 

Composite number NT-2 

Countable set NT-5 

Cryptography NT-13 

Diffie-Hellman protocol NT-22 
PGP NT-20 
public key NT-21 
RSA protocol NT-23 
symmetric encryption NT-20 
trapdoor function NT-21 

Diagonal argument NT-6 

Diffie-HcUman protocol NT-22 

Discrete logarithm NT-21 
Diffie-Hellman and NT-22 

Divisible by: k\n NT-2 

Espionage NT- 15 

Euclidean algorithm NT-18 

Euler ^ function NT-19 

RSA protocol and NT-23 

Even integer NT-1 

Factoring 

RSA and NT-23 
uniqueness of NT-3 

Fermat's Last Theorem NT-3 



Floor function (= greatest 
integer) NT-9 

Function 

ceiling (= least integer: 

[x]) NT-9 
Euler (j) NT-19 
Euler (p and RSA 

protocol NT-23 
floor (= greatest integer: 

lx\) NT-9 
greatest common divisor 

(= gcd) NT-16 
greatest integer NT-9 
least common multiple 

(= 1cm) NT-16 
least integer NT-9 
one-way (= trapdoor) NT-21 
trapdoor NT-21 



Greatest common divisor 
(= gcd) NT-16 
Euchdean algorithm NT-18 

Greatest integer function NT-9 
Irrationality of square root NT-4 



Key (cryptography) NT-13 
Diffie-Hellman NT-22 
RSA and pubfic NT-23 
trapdoor function and NT-21 



Least common multiple 
(= 1cm) NT-16 

Least integer function NT-9 

Logarithm 

discrete and Diffie- 
Hellman NT-22 
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Mod as binary operator NT-7 
Mod as equivalence relation NT-7 
Modular arithmetic NT-6 

Number 

composite NT-2 
integer Z NT-1 
irrational: M-Q NT-1 
natural N NT-1 
prime: P NT-2 
rational: Q NT-1 
real: M NT-1 

square root is irrational NT-4 
unique prime factorization 
of NT-3 

Number theory 
algebraic NT-3 
nonunique factorization NT-3 

Odd integer NT-1 

One-way (= trapdoor) 
function NT-21 

Perfect square NT-4 

PGP (= Pretty Good 

Privacy) NT-20 

Plaintext NT- 13 

Prime factorization NT-3 
uniqueness of NT-3 

Prime number NT-2 
infinitely many NT-4 
unique factorization into NT-3 

Public key cryptography NT-21 
PGP NT-20 
RSA protocol NT-23 

Residue class (modular 

arithmetic) NT-6 

RSA protocol NT-23 



Set 

countable NT-5 
Symmetric encryption NT-20 

Theorem 

Unique Factorization NT-3 

Trapdoor function NT-21 
discrete logarithm NT-22 

Unique prime factorization NT-3 
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